WWPASS AUTHENTICATION MODULE FOR APACHE SERVER 2.2 INSTALL GUIDE
|
|
- Christian Bradley
- 6 years ago
- Views:
Transcription
1 WWPASS AUTHENTICATION MODULE FOR APACHE SERVER 2.2 INSTALL GUIDE June 2013
2 TABLE OF CONTENTS TABLE OF CONTENTS... 2 ABOUT THIS DOCUMENT... 3 DOCUMENT TEXT CONVENTIONS... 4 ABBREVIATIONS & DEFINITIONS... 5 OVERVIEW... 7 LICENSING... 8 SUPPORTED OPERATING SYSTEMS... 9 FEATURES HOW IT WORKS WWP-AMA SOFTWARE PREREQUISITES Prerequisites Installation Apache Server Installation WWP-AMA INSTALLATION ENABLE SERVICE PROVIDER Validate domain with WWPass Generate public/private encryption key pair Enable.htaccess Apache configuration What is.htaccess and How Is It Used? How to enable.htaccess Functionality htaccess Configuration Basic.htaccess Directives Cookies and Sessions User and Access Control htaccess file example Page 2
3 About This Document This document is intended for service provider application programmers, system administrators, quality assurance professionals, and support personnel. It describes how to interface with the WWPass Core System to provide end users with WWPass security services within the Apache Server application. The concepts and principles and instructions described in this document provide the necessary information to successfully implement WWPass security and authentication features into your web site or internet service. This document assumes that the reader has a working knowledge of Linux terminal and the Apache Server configuration. Page 3
4 Document Text Conventions Below is a list of type styles used throughout this document to indicate the various data input. Convention Description Monospace Description Indicates source code, code examples, input to the command line, application output, and code lines embedded in text, and variables and code elements. Example Public Class apt-get Bold Indicates most predefined programming elements, including namespaces, classes, interfaces, methods, functions, macros, structures, properties, enumerations, fields, operators, statements, data types, keywords, exceptions, and non-html attributes. Also indicates filenames with appropriate file type extension, if applicable, and directory paths. Namespace req Config.txt /var/www Bracket Indicates a placeholder for valid options within configuration files. All valid options will be listed within brackets and separated by a. <your_file_here.txt> <on off > Italic Indicates placeholders, most often method or function parameters and HTML placeholders; these placeholders represent information that must be supplied by the implementation or the user. Also used to indicate a document note. Cookie=wwpass.com Note:Text Hypertext Link Indicates a web address that can be accessed outside of the current document that contains application source code, application binaries, or supplemental reference information to the text provided. Capital Letters Indicates the names of keys and key sequences. Also indicates HTML element names. ENTER CTRL+R <A HREF= > Plus Sign Indicates a combination of keys. For example, ALT+F1 means to hold down the ALT key while pressing the F1 key. ALT+F1 Page 4
5 Abbreviations & Definitions Below is a list of commonly used terms associated with WWPass technology along with their associated abbreviation and definition. Term Abbreviation Definition Certifying Authority CA A 3 rd party entity that issues a digital certificate which validates the integrity of a Service Provider. Data Container A component of the WWPass authentication system that provides secure encrypted remote storage of user data. Hypertext Transfer Protocol HTTP A file transfer protocol primarily used to send/receive data formatted using the Hypertext Markup Language (HTML). PassKey A Universal Serial Bus (USB) compatible device that contains basic user information, as well as cryptographic certificates, in encrypted form. Privacy Enhanced Mail PEM A method for exchanging secure communications. An implementation of this requires the exchanging of public certificates between parties. These certificates are usually found with a.pem file extension. Service Provider SP Any entity that provides internet or other network-based services. Service Provider Agent SPA A combination of computer programs, computers and network links that comprise the functionality for a Service Provider. Service Provider ID SPID A unique identifier attributed to a specific Service Provider within the WWPass authentication system. User ID UID A unique identifier attributed to a user within the WWPass authentication system. Page 5
6 WWPass Authentication Module for Apache WWP-AMA Describes the WWPass Authentication Module for Apache Server. In this document, Apache will refer to the specific version designated as Apache Server 2.2. WWPass Authentication Service WWP-AS The combination of a Service Provider s front end user interface and the backend applications/services it interacts with using the WWPass APIs. WWPass Distributed Secure Storage WWP-DSS The principle storage for all WWPass data objects which includes all Data Containers and any other required data. This data is parceled out among multiple, off-site storage units and encrypted so as to be useless should one or more storage location become compromised. WWPass Security Plugin WWP-SPI A component of the WWP-AS that resides on a user s computer as a browser plugin and provides an interface between the user and the Authentication Service. WWPass Service Provider WWP-SP The designation for any entity that provides services to third parties while utilizing the WWPass Authentication Service. WWPass Service Provider Front End WWP-SPFE A component of the WWP-AS that is responsible for communication with Service Providers. WWPass User Front End WWP-UFE A component of the WWP-AS that is responsible for communication between a user and WWP-SPI. Page 6
7 Overview This document is intended for application developers who wish to use the WWPass Authentication Module for Apache 2.2 (WWP-AMA) to authenticate users on an Apache Server. By adding the WWPass infrastructure, the result will turn the Apache Server into a WWPass Service Provider (WWP-SP) with full authentication capabilities. When configured with a second authentication method, WWPass authentication allows the ability to use login/password pairs to provide seamless binding of WWPass PassKeys to existing user accounts. Page 7
8 Licensing The WWPass Authentication Module for Apache Server 2.2 is licensed under the Apache 2.0 license. You can modify and re-distribute the code with the appropriate attribution. You may obtain a copy of the License at Page 8
9 Supported Operating Systems Currently only POSIX operating systems supported, Windows support may be added to future releases. The module should work in all POSIX-compliant operating systems but additional configuration steps may be required on some distributions. This module was tested on Ubuntu and CentOS Linux distributions. Page 9
10 Features Current version WWP-AMA allows the following: Authenticate user with a PassKey via WWP-SPI using WWPass JavaScript library and WWP-SPI; Store user s authenticated session in sqlite3 database for a set period of time after authentication; Pass user s authentication data as "virtual" (module generated) cookies to server-side scripts; Pass authentication to other modules in case of any authentication failure; Automatically assign user names based on authentication by other modules. Page 10
11 How It Works The WWP-AMA is a module that can be incorporated into Apache Server to extend the infrastructure to support WWPass PassKey technology. The module is enacted when Apache Server first receives a request to access a site or specific folder that the administrator wishes to protect from unauthorized access. Upon receiving an HTTP request, Apache Server accesses the WWPass module which then initiates a WWPass authentication transaction. As a result of the transaction, WWPass generates a unique Personal User ID (PUID) number. The module finds a username which corresponds to the PUID from AuthWWPassUserfile that contains PUID:login pairs. The module returns the login name to Apache Server as a result of the authentication. From here, only valid names will be allowed access. The least convenient way to bind PUID to user name is to manually edit AuthWWPassUserfile. A more advanced procedure implies fallback to login/password authentication for finding user name. This way WWP-AMA makes changes to AuthWWPassUserfile automatically. An example of fallback configuration is shown in the.htaccess file example at the end of this document. Page 11
12 WWP-AMA Software Prerequisites The following software packages must be installed prior to compiling WWP-AMA, and allow for proper integration and post-install testing: autoconf libtool libcurl with SSL support libsqlite3 Apache Server ver. 2.2 Apache Server development headers and tools PHP (Optional) Prerequisites Installation The installation of prerequisites differs depending on the OS. The instructions below are for the Debian/Ubuntu family of Linux OS. To install the prerequisites open the terminal and type: sudo apt-get install wget build-essential autoconf libtool libcurl4-gnutls-dev \ libsqlite3-dev apache2-prefork-dev Apache Server Configuration The Apache Server manual installation and configuration is not covered in this document. Please refer on the Apache Server documentation on Once the server is successfully installed, complete the following steps: Create a new file in directory /etc/apache2/mods-available called auth_wwpass.load that contains the following directive on one line: LoadModule auth_wwpass /usr/lib/apache2/modules/mod_auth_wwpass.so Page 12
13 Create a symbolic link to this file from the /etc/apache2/mods-enabled/auth_wwpass.load directory by typing: sudo ln s /etc/apache2/mods-available/auth_wwpass.load \ /etc/apache2/mods-enabled/auth_wwpass.load Enable the generic authorization module for Apache Server by typing: sudo a2enmod auth_digest sudo service apache2 restart PHP (Optional) This is not required and only necessary on clean Apache installs, but since many of the developer tools rely on php, enabling it on the Apache Server could be considered vital. From the terminal the following commands will successfully install PHP 5: sudo apt-get libapache2-mod-php5 sudo a2enmod php5 sudo service apache2 restart Page 13
14 WWP-AMA Installation This section will describe how to download and build the WWP-AMA to prepare it for inclusion in the Apache Server 2.2. Open the terminal, change directory to where you would like to build the WWP-AMA and download it by typing: wget --trust-server-names Unpack the file by typing and change directory into it: tar xvzf mod_wwpass.tar.gz cd mod_wwpass Within the /mod_wwpass directory, build the WWP-AMA by executing the following commands: autoconf./configure make Note that there are two possible option flags to the configure script command line above: --with-apache=<path> Sets the path for the Apache Server development tools, the default is /usr/share/apache2. --with-random=<randpath> Sets the path to the source of entropy for generating session IDs, the default is /dev/urandom. Note: There is a /dev/random that generate more cryptographically strong random data than /dev/urandom, but it s not advised to use it at it may block the execution of the module if it doesn t have enough entropy. Page 14
15 Install the WWP-AMA to Apache Server modules directory: sudo make install Create a new file in directory /etc/apache2/mods-available called auth_wwpass.load that contains the following directive on one line (the exact paths may differ on different installation of Apache Server): LoadModule auth_wwpass /usr/lib/apache2/modules/mod_auth_wwpass.so Create a symbolic link to this file from the /etc/apache2/mods-enabled directory by typing: sudo ln s /etc/apache2/mods-available/auth_wwpass.load /etc/apache2/mods-enabled/auth_wwpass.load Restart the Apache Server to load the WWP-AMA: sudo /etc/init.d/apache2 restart Page 15
16 Page 16
17 Enable Service Provider Instructions in this section duplicate the procedure of creation of Service Provider on WWPass Developer's site ( You may prefer to use online wizard there. To allow WWP-AMA to integrate with the WWP-AS, the administrator will need to do the following: Validate domain name with WWPass Generate public/private encryption key pair Obtain a valid certificate from a Certifying Authority (CA) in.crt format. Enable.htaccess Apache Server configuration Enable PUID access table Validate domain with WWPass To validate your web site domain, begin by registering at the WWPass Developer's site ( You can use your WWPass PassKey to register or provide a valid address. Once you have registered with WWPass, you will receive a validation containing a link to activate your new account. Your web site domain (e.g. will be known to WWPass as a Service Provider. After logging into the developers section of the WWPass web site, click on the Service Providers link ( at the top of the screen. Under the Service Providers heading, click on the Add New Service Provider button. You should be transferred to the 4-step guide to authenticating your web site. The following steps are short descriptions of what is found on the WWPass web site. Step 1: Define Domain Name Enter the domain name for your web site and click on the Add Domain. Step 2: Validate Your Domain A text file with a unique text will be shown, this file needs to be placed in the root directory of your web site. You can download the file or copy the text to a file with the name specified. The file name and content should not be changed. This file should be accessible through a URL such as: Download the validation file provided (.txt file) and place this at the document root of your web site (e.g. /var/www). Next, click on the Validate button to initiate web site validation. If the text file is properly placed, the Service Provider listed on your account page will indicate Validated and a Service Provider ID will be assigned. This is the ID that identifies your web service to WWPass. Page 17
18 Your site is now validated; delete the text file from your website. Generate public/private encryption key pair Step 3: Generate Keys The next step is to create public/private encryption keys. These keys will allow for secure communications between the Service Provider and WWPass. Open a terminal window and use the OpenSSL utility to generate the public/private keys required. To create the keys, type: openssl req -new -newkey rsa:4096 -nodes -subj \ "/O=<Your Service Provider name>/cn=<your Service Provider ID>" \ -keyout <Your Service Provider name>.key \ -out <Your Service Provider name>.req The output from this operation will be two names files <Service_Provider_Name>.key and <Service_Provider_Name>.req. The.req file will be needed to request a certificate from WWPass. At the bottom of the Generate Keys page, click on the Browse button and go to the location that contains the.req file and input the path. Click the Submit button to send the certificate request to WWPass. Step 4: Get Certificate WWPass will respond to the certificate request from the previous step with a certificate file (YourDomainName.com.crt). If you were using OpenSSL just put the certificate and private key (<ServiceProviderName>.key) on the web server. Put them in a folder that is not accessible from web. (i.e. /etc/ssl/certs) It is important that the web server should not serve out the private key in response to any request. Set access rights so that the process of you web server has the read rights on your private key and certificate. No other user should have any rights to access the file with your private key. Should the private key become compromised, simply generate a new private key, then return to the WWPass web site and manage your domain by submitting the new key. When your web service connects to WWPass, the WWPass server will present an SSL certificate signed by WWPass. For your web service to verify the validity of the WWP-SPFE it will need the WWPass CA certificate. Download it and put it in the same location as your certificate. Later you will provide the path to this CA certificate in the Apache Server configuration file that will be used to authenticate connections to WWPass as part of the authorization process. Page 18
19 To acquire the WWPass CA: With a web browser, go to the following address: Under the Resources for Developers section, across from the WWPass CA Certificate listing, lick on the Download button. The web browser should begin to download a WWPass CA certificate. Create a folder (i.e. /var/certs) and place this certificate in a folder that only the Apache Server can access with specific folder permissions. Make note of this folder as it will be used in the.htaccess file. Do not put this folder in the Apache Server web root (/var/www) directory. Enable.htaccess Apache Server configuration To complete web access within the Apache Server, the user needs to create and modify an.htaccess file. This file is read by Apache Server upon every web page request. The file will reside at the root of the folder that the Service Provider wishes to protect. An example of this would be a web site at the location: /var/www/serviceproviderroot/.htaccess What is.htaccess and How Is It Used?.htaccess is a file that provides a way to make access changes on a per-directory basis. This file, containing one or more access and configuration directives, can be placed in a document directory, and those directives will apply to that directory, as well as all subdirectories. Note: If you want to call your.htaccess file something else, you can change the name of the file using the AccessFileName directive in the /usr/local/apache2/conf/httpd.conf file. For example, if you would rather call the access file.config then you can put the following in your server configuration file: AccessFileName.config In general,.htaccess files use the same syntax as the main configuration files. What you can put in these files is determined by the AllowOverride directive. This directive specifies, in categories, what directives will be honored if they are found in an.htaccess file. If a directive is permitted in the file, the documentation for that directive will contain an override section, specifying what values must be in AllowOverride in order for that directive to be permitted. Page 19
20 How to enable.htaccess Functionality To allow for.htaccess files to be used within Apache Server, you must modify the file /etc/apache2/sites-available/default Under the section DocumentRoot /var/www, go to the line that reads AllowOverides None. Change None to All ; this will force Apache Server to use.htaccess files for per-directory configuration. Upon completing the file edit, force Apache Server to reload the configuration files by typing: sudo /etc/init.d/apache2 reload Note: use of the.htaccess file capability will incur a performance hit as the directive will force Apache to look in the current directory as well as any directory above it in the directory tree to check for parent.htaccess files. From Apache.org: The first of these is performance. When AllowOverride is set to allow the use of.htaccess files, httpd will look in every directory for.htaccess files. Thus, permitting.htaccess files causes a performance hit, whether or not you actually even use them! Also, the.htaccess file is loaded every time a document is requested. Also note that Apache must look for.htaccess files in all higher-level directories, in order to have a complete list of directives that it must apply. (See section on how directives are applied.) Thus, if a file is requested out of a directory /www/htdocs/example, httpd must look for the following files: /.htaccess /www/.htaccess /www/htdocs/.htaccess /www/htdocs/example/.htaccess And so, for each file access out of that directory, there are 4 additional file-system accesses, even if none of those files are present. Note that this would only be the case if.htaccess files were enabled for /, which is not usually the case. Page 20
21 .htaccess Configuration At the end of this section a sample.htaccess file is provided to show the use of the directives listed below. Basic.htaccess Directives Directive <options> AuthWWPassEnabled <On Off> Description Turns WWPass module on or off. AuthWWPassSPFEUrl <url> WWPass SPFE url. The default is AuthWWPassCA <cafile> WWPass CA certificate file in PEM format. One can be acquired at AuthWWPassSPCert <crtfile> Service Provider certificate file in PEM format. AuthWWPassSPKey <keyfile> Service Provider private key file in PEM format. AuthWWPassSPName <spname> Service Provider name (URL-encoded) AuthWWPassRequestPassword <On Off> Add second factor: request password for PassKey. Default is off. AuthWWPassAuthPage <path_to_auth_page_template> Template for authentication page. If this is an empty string, the default page will be used. Page 21
22 Cookies and Sessions Within the.htaccess file there are a several settings that can be enabled to turn on/off cookies and related functionality. Directive <options> AuthWWPassCookiePrefix <prefix> Description Cookie prefix. The default is wwpass_ AuthWWPassSessionLifetime <lifetime(sec)> AuthWWPassDBFile <path_to_db_file> AuthWWPassCookieAsSession <On Off> Time to keep authenticated session. 0 to authenticate each request (this effectively makes the folder images/css inaccesible) File to use as SQLite3 session database. The default is /tmp/auth_wwpass_session_db Set cookie lifetime to that of session. If not set, this will persist until browser restart. User and Access Control Within the.htaccess file there are a series of settings that can be entered for specific user and access control. Directive <options> AuthWWPassUserfile <filename> AuthWWPassShowPUID <url> AuthWWPassAutoRegister <On Off> AuthWWPassRequire <username1[, username2[, username3[...]]] validuser any-user> AuthWWPassURLFilter <filter regexp> Description File containing PUID:username pairs each line has a semicolon used as a field separator. Otherwise, spaces may be used to separate PUID and username. The file should be accessible to the Apache Server account. Show PUID on requests to this url. URL will be relative to the root directory. (i.e. to view the given url argument should be "/puid".) Add users that were authenticated by WWPASS and other Apache Server authentication modules to AuthWWPassUserfile <filename>. Allow only these users according to AuthWWPassUserfile<filename> (or any WWPass authorized user in valid-user or any user in file anyuser) to access this directory. WWP-AMA processes only URLs matching this regular expression (regexp). Page 22
23 .htaccess file example ## mod_auth_wwpass.htaccess example <IfModule mod_auth_wwpass.c> ## Basic directives: AuthWWPassEnabled On AuthWWPassSPFEUrl ## Path to WWPass CA certificate. Recommend /etc/ssl/certs AuthWWPassCA "/path/to/certs/wwpass_sp_ca.crt" ## Path to Service Provider certificate. Recommend /etc/ssl/certs AuthWWPassSPCert "/path/to/certs/<yourdomainhere>.com.crt" ## Path to private key. Recommend /etc/ssl/private (make sure that the Apache process will be able to access the file) AuthWWPassSPKey "/path/to/keys/< yourdomainhere >.key" AuthWWPassSPName "<yournamehere>.com" AuthWWPassRequestPassword On AuthWWPassAuthPage "/var/www/login.php" ## Cookies and sessions: AuthWWPassCookiePrefix "_wwpass" AuthWWPassSessionLifetime 3600 AuthWWPassDBFile "/tmp/auth_wwpass_session_db" AuthWWPassCookieAsSession Off ## User and access control AuthWWPassUserfile "/var/www/" AuthWWPassShowPUID /maw/uid (<-Note Is this correct?) AuthWWPassAutoRegister On AuthWWPassRequire valid-user </IfModule> ## Fallback to basic AuthType Basic AuthName "Restricted Files" AuthDigestDomain / AuthDigestProvider file AuthUserFile /var/www/.htpasswd Require valid-user Page 23
LAB :: Secure HTTP traffic using Secure Sockets Layer (SSL) Certificate
LAB :: Secure HTTP traffic using Secure Sockets Layer (SSL) Certificate In this example we are using apnictraining.net as domain name. # super user command. $ normal user command. N replace with your group
More informationPractical Exercise: Smartcard-based authentication in HTTP
MIECT: Security 2015-16 Practical Exercise: Smartcard-based authentication in HTTP November 24, 2015 Due date: no date Changelog v1.0 - Initial Version. 1 Introduction Smartcards can be used to authenticate
More informationUser authentication, passwords
User authentication, passwords User Authentication Nowadays most internet applications are available only for registered (paying) users How do we restrict access to our website only to privileged users?
More informationBitnami Piwik for Huawei Enterprise Cloud
Bitnami Piwik for Huawei Enterprise Cloud Description Piwik is a real time web analytics software program. It provides detailed reports on website visitors: the search engines and keywords they used, the
More information2. Installing OpenBiblio 1.0 on a Windows computer
Table of Contents Installing OpenBiblio 1. System requirements... 1 2. Installing OpenBiblio 1.0 on a Windows computer... 1 2.1. Install prerequisite software... 1 2.2. Install OpenBiblio... 2 2.3. Using
More informationApache + PHP + MySQL. bdnog November 2017 Dhaka, Bangladesh
Apache + PHP + MySQL bdnog7 18-22 November 2017 Dhaka, Bangladesh Outline q Introduction to Apache httpd web server q Basic Compilation, Installation and Configuration q Apache File system q Apache Logging
More informationBitnami ez Publish for Huawei Enterprise Cloud
Bitnami ez Publish for Huawei Enterprise Cloud Description ez Publish is an Enterprise Content Management platform with an easy to use Web Content Management System. It includes role-based multi-user access,
More informationA PAtCHy server: developed by the Apache group formed 2/95 around by a number of people who provided patch files for NCSA httpd 1.3 by Rob McCool.
Outline q Introduction to Apache httpd web server q Basic Compilation, Installation and Configuration q Apache File system q Apache Logging & Status q Security & Performance Features q Virtual Hosting
More informationBitnami Pimcore for Huawei Enterprise Cloud
Bitnami Pimcore for Huawei Enterprise Cloud Description Pimcore is the open source platform for managing digital experiences. It is the consolidated platform for web content management, product information
More informationBitnami ProcessMaker Community Edition for Huawei Enterprise Cloud
Bitnami ProcessMaker Community Edition for Huawei Enterprise Cloud Description ProcessMaker is an easy-to-use, open source workflow automation and Business Process Management platform, designed so Business
More informationBitnami Coppermine for Huawei Enterprise Cloud
Bitnami Coppermine for Huawei Enterprise Cloud Description Coppermine is a multi-purpose, full-featured web picture gallery. It includes user management, private galleries, automatic thumbnail creation,
More informationBitnami Tiny Tiny RSS for Huawei Enterprise Cloud
Bitnami Tiny Tiny RSS for Huawei Enterprise Cloud Description Tiny Tiny RSS is an open source web-based news feed (RSS/Atom) reader and aggregator, designed to allow you to read news from any location,
More informationشرکت توسعه ارتباطات پردیس پارس. owncloud. The last file sharing platform you'll ever need
شرکت توسعه ارتباطات پردیس پارس owncloud The last file sharing platform you'll ever need. Explore the Features: Click Sync and Share Your Data, with Ease A Safe Home for All Your Data Your Data is Where
More informationBitnami DokuWiki for Huawei Enterprise Cloud
Bitnami DokuWiki for Huawei Enterprise Cloud Description DokuWiki is a standards-compliant, simple to use wiki optimized for creating documentation. It is targeted at developer teams, workgroups, and small
More informationBitnami OroCRM for Huawei Enterprise Cloud
Bitnami OroCRM for Huawei Enterprise Cloud Description OroCRM is a flexible open-source CRM application. OroCRM supports your business no matter the vertical. If you are a traditional B2B company, franchise,
More informationKollaborate Server. Installation Guide
1 Kollaborate Server Installation Guide Kollaborate Server is a local implementation of the Kollaborate cloud workflow system that allows you to run the service in-house on your own server and storage.
More informationBitnami Trac for Huawei Enterprise Cloud
Bitnami Trac for Huawei Enterprise Cloud Description Trac is an enhanced wiki and issue tracking system for software development projects. It provides interfaces to Subversion and Git, an integrated Wiki
More informationL.A.M.P. Stack Part I
L.A.M.P. Stack Part I By George Beatty and Matt Frantz This lab will cover the basic installation and some configuration of a LAMP stack on a Ubuntu virtual box. Students will download and install the
More informationUniform Resource Locators (URL)
The World Wide Web Web Web site consists of simply of pages of text and images A web pages are render by a web browser Retrieving a webpage online: Client open a web browser on the local machine The web
More informationLinux Network Administration. Apache Web Server COMP1071 Summer 2017
Linux Network Administration Apache Web Server COMP1071 Summer 2017 Overview Apache2 is a software package which provides the infrastructure to deliver web services It is flexible, fast, open source, scalable,
More informationManually Password Protect Directories Apache Ubuntu
Manually Password Protect Directories Apache Ubuntu Apache can be configured to force users to login before being Password protection can be useful for securing a directory that planning to edit them manually,
More informationBitnami TestLink for Huawei Enterprise Cloud
Bitnami TestLink for Huawei Enterprise Cloud Description TestLink is test management software that facilitates software quality assurance. It offers support for test cases, test suites, test plans, test
More informationBitnami OSQA for Huawei Enterprise Cloud
Bitnami OSQA for Huawei Enterprise Cloud Description OSQA is a question and answer system that helps manage and grow online communities similar to Stack Overflow. First steps with the Bitnami OSQA Stack
More informationPostgres Enterprise Manager Installation Guide
Postgres Enterprise Manager Installation Guide November 3, 2013 Postgres Enterprise Manager Installation Guide, Version 4.0.0 by EnterpriseDB Corporation Copyright 2013 EnterpriseDB Corporation. All rights
More informationBitnami Dolibarr for Huawei Enterprise Cloud
Bitnami Dolibarr for Huawei Enterprise Cloud Description Dolibarr is an open source, free software package for small and medium companies, foundations or freelancers. It includes different features for
More informationWeb Servers and Security
Web Servers and Security The Web is the most visible part of the net Two web servers Apache (open source) and Microsoft s IIS dominate the market Apache has 49%; IIS has 36% (source: http://news.netcraft.com/archives/2008/09/30/
More informationGenesys Security Deployment Guide. What You Need
Genesys Security Deployment Guide What You Need 12/27/2017 Contents 1 What You Need 1.1 TLS Certificates 1.2 Generating Certificates using OpenSSL and Genesys Security Pack 1.3 Generating Certificates
More informationUsing SSL to Secure Client/Server Connections
Using SSL to Secure Client/Server Connections Using SSL to Secure Client/Server Connections, page 1 Using SSL to Secure Client/Server Connections Introduction This chapter contains information on creating
More informationBitnami Re:dash for Huawei Enterprise Cloud
Bitnami Re:dash for Huawei Enterprise Cloud Description Re:dash is an open source data visualization and collaboration tool. It was designed to allow fast and easy access to billions of records in all
More informationUSER GUIDE WWPass Security for (Thunderbird)
USER GUIDE WWPass Security for Email (Thunderbird) TABLE OF CONTENTS Chapter 1 Welcome... 3 Introducing WWPass Security for Email (Thunderbird)... 4 Connecting Your PassKey to Your Computer... 4 Need Assistance?...
More informationDCLI User's Guide. Data Center Command-Line Interface 2.9.1
Data Center Command-Line Interface 2.9.1 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about this documentation, submit
More informationIf you re the administrator on any network,
Let s do an inventory! If you re the administrator on any network, chances are you ve already faced the need to make an inventory. In fact, keeping a list of all the computers, monitors, software and other
More informationInstall Certificate on the Cisco Secure ACS Appliance for PEAP Clients
Install Certificate on the Cisco Secure ACS Appliance for PEAP Clients Document ID: 64067 Contents Introduction Prerequisites Requirements Components Used Conventions Microsoft Certificate Service Installation
More informationIntroduction... 5 Configuring Single Sign-On... 7 Prerequisites for Configuring Single Sign-On... 7 Installing Oracle HTTP Server...
Oracle Access Manager Configuration Guide for On-Premises Version 17 October 2017 Contents Introduction... 5 Configuring Single Sign-On... 7 Prerequisites for Configuring Single Sign-On... 7 Installing
More informationUse the login credentials and the primary domain name that were sent to you on account activation.
Getting Started To login to the Interworx Control Panel, in a web browser go to: https://webhosting.it.ubc.ca:2443/siteworx/ Use the login credentials and the primary domain name that were sent to you
More informationGenesys Interaction Recording Solution Guide. WebDAV Requirements
Genesys Interaction Recording Solution Guide WebDAV Requirements 11/24/2017 Contents 1 WebDAV Requirements 1.1 Deploying the WebDAV Server 1.2 Configuring TLS for the WebDAV Server 1.3 Next Step Genesys
More informationManaging Certificates
CHAPTER 12 The Cisco Identity Services Engine (Cisco ISE) relies on public key infrastructure (PKI) to provide secure communication for the following: Client and server authentication for Transport Layer
More informationEntrust Connector (econnector) Venafi Trust Protection Platform
Entrust Connector (econnector) For Venafi Trust Protection Platform Installation and Configuration Guide Version 1.0.5 DATE: 17 November 2017 VERSION: 1.0.5 Copyright 2017. All rights reserved Table of
More informationUsing Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS)
CHAPTER 2 Using Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS) This chapter contains information on the following topics: HTTPS Overview, page 2-1 HTTPS for Cisco Unified IP Phone Services,
More informationWired Dot1x Version 1.05 Configuration Guide
Wired Dot1x Version 1.05 Configuration Guide Document ID: 64068 Introduction Prerequisites Requirements Components Used Conventions Microsoft Certificate Services Installation Install the Microsoft Certificate
More informationWe want to install putty, an ssh client on the laptops. In the web browser goto:
We want to install putty, an ssh client on the laptops. In the web browser goto: www.chiark.greenend.org.uk/~sgtatham/putty/download.html Under Alternative binary files grab 32 bit putty.exe and put it
More informationHypertext Transfer Protocol over Secure Sockets Layer (HTTPS)
Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS) This chapter provides information about Hypertext Transfer Protocol over Secure Sockets Layer. HTTPS, page 1 HTTPS for Cisco Unified IP Phone
More informationBitnami Subversion for Huawei Enterprise Cloud
Bitnami Subversion for Huawei Enterprise Cloud Description Subversion enables globally distributed software development teams to efficiently version and share source code with low administrative overhead.
More informationBitnami Mantis for Huawei Enterprise Cloud
Bitnami Mantis for Huawei Enterprise Cloud Description Mantis is a complete bug-tracking system that includes role-based access controls, changelog support, built-in reporting and more. A mobile client
More informationArchitecture. Steven M. Bellovin October 27,
Architecture Steven M. Bellovin October 27, 2015 1 Web Servers and Security The Web is the most visible part of the net Two web servers Apache (open source) and Microsoft s IIS dominate the market Apache
More informationDCLI User's Guide. Modified on 20 SEP 2018 Data Center Command-Line Interface
Modified on 20 SEP 2018 Data Center Command-Line Interface 2.10.0 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about
More informationCHAPTER. Introduction
CHAPTER 1 Cisco Unified Communications Manager (formerly Cisco Unified CallManager) serves as the software-based call-processing component of the Cisco Unified Communications family of products. A wide
More informationBitnami Spree for Huawei Enterprise Cloud
Bitnami Spree for Huawei Enterprise Cloud Description Spree is an e-commerce platform that was designed to make customization and upgrades as simple as possible. It includes support for product variants,
More informationDCLI User's Guide. Data Center Command-Line Interface
Data Center Command-Line Interface 2.10.2 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about this documentation, submit
More informationTwo factor authentication for Apache using mod_auth_radius
Two factor authentication for Apache using mod_auth_radius sandbox-logintc.com/docs/connectors/apache.html Introduction LoginTC makes it easy for administrators to add multi-factor to Apache. This document
More informationBitnami ERPNext for Huawei Enterprise Cloud
Bitnami ERPNext for Huawei Enterprise Cloud Description ERPNext is an open source, web based application that helps small and medium sized business manage their accounting, inventory, sales, purchase,
More informationHypertext Transfer Protocol Over Secure Sockets Layer (HTTPS)
Hypertext Transfer Protocol Over Secure Sockets Layer (HTTPS) This chapter provides information about Hypertext Transfer Protocol over Secure Sockets Layer. HTTPS, page 1 HTTPS for Cisco Unified IP Phone
More informationCA SiteMinder Web Access Manager. Configuring SiteMinder Single Sign On for Microsoft SharePoint 2007 Using Forms-based Authentication
CA SiteMinder Web Access Manager Configuring SiteMinder Single Sign On for Microsoft SharePoint 2007 Using Forms-based Authentication This documentation and any related computer software help programs
More informationWWPass External Authentication Solution for IBM Security Access Manager 8.0
WWPass External Authentication Solution for IBM Security Access Manager 8.0 Setup guide Enhance your IBM Security Access Manager for Web with the WWPass hardware authentication IBM Security Access Manager
More information3 Installation from sources
2018/02/14 10:00 1/11 3 Installation from sources 3 Installation from sources You can get the very latest version of Zabbix by compiling it from the sources. A step-by-step tutorial for installing Zabbix
More informationBitnami JRuby for Huawei Enterprise Cloud
Bitnami JRuby for Huawei Enterprise Cloud Description JRuby is a 100% Java implementation of the Ruby programming language. It is Ruby for the JVM. JRuby provides a complete set of core built-in classes
More informationBitnami Open Atrium for Huawei Enterprise Cloud
Bitnami Open Atrium for Huawei Enterprise Cloud Description Open Atrium is designed to help teams collaborate by providing an intranet platform that includes a blog, a wiki, a calendar, a to do list, a
More informationmaxecurity Product Suite
maxecurity Product Suite Domain Administrator s Manual Firmware v2.2 ii Table of Contents BASICS... 1 Understanding how maxecurity products work in your company... 1 Getting started as a Domain Administrator...
More informationFederated Identity Manager Business Gateway Version Configuration Guide GC
Tivoli Federated Identity Manager Business Gateway Version 6.2.1 Configuration Guide GC23-8614-00 Tivoli Federated Identity Manager Business Gateway Version 6.2.1 Configuration Guide GC23-8614-00 Note
More informationENTRUST CONNECTOR Installation and Configuration Guide Version April 21, 2017
ENTRUST CONNECTOR Installation and Configuration Guide Version 0.5.1 April 21, 2017 2017 CygnaCom Solutions, Inc. All rights reserved. Contents What is Entrust Connector... 4 Installation... 5 Prerequisites...
More informationK-RATE INSTALLATION MANUAL
K-RATE INSTALLATION MANUAL K-Rate Installation Manual Contents SYSTEM REQUIREMENTS... 3 1. DOWNLOADING K-RATE... 4 STEP 1: LOGIN TO YOUR MEMBER ACCOUNT... 4 STEP 2: ENTER DOMAIN NAME... 5 STEP 3: DOWNLOAD
More informationApache MySQL PHP PHPAdmin Install
Apache MySQL PHP PHPAdmin Install Installing Apache 2 To only install the apache2 webserver, use any method to install apache2 It requires a restart for it to work sudo /etc/init.d/apache2 restart Checking
More informationCreating Domain Templates Using the Domain Template Builder 11g Release 1 (10.3.6)
[1]Oracle Fusion Middleware Creating Domain Templates Using the Domain Template Builder 11g Release 1 (10.3.6) E14139-06 April 2015 This document describes how to use the Domain Template Builder to create
More informationContents Introduction... 5 Configuring Single Sign-On... 7 Configuring Identity Federation Using SAML 2.0 Authentication... 29
Oracle Access Manager Configuration Guide 16 R1 March 2016 Contents Introduction... 5 Configuring Single Sign-On... 7 Prerequisites for Configuring Single Sign-On... 8 Installing Oracle HTTP Server...
More informationScan Report Executive Summary. Part 2. Component Compliance Summary Component (IP Address, domain, etc.):
Scan Report Executive Summary Part 1. Scan Information Scan Customer Company: Date scan was completed: Vin65 ASV Company: Comodo CA Limited 02/18/2018 Scan expiration date: 05/19/2018 Part 2. Component
More informationBitnami Ruby for Huawei Enterprise Cloud
Bitnami Ruby for Huawei Enterprise Cloud Description Bitnami Ruby Stack provides a complete development environment for Ruby on Rails that can be deployed in one click. It includes most popular components
More informationSecurity Guide. Configuration of Permissions
Guide Configuration of Permissions 1 Content... 2 2 Concepts of the Report Permissions... 3 2.1 Security Mechanisms... 3 2.1.1 Report Locations... 3 2.1.2 Report Permissions... 3 2.2 System Requirements...
More informationHOMELESS INDIVIDUALS AND FAMILIES INFORMATION SYSTEM HIFIS 4.0 TECHNICAL ARCHITECTURE AND DEPLOYMENT REFERENCE
HOMELESS INDIVIDUALS AND FAMILIES INFORMATION SYSTEM HIFIS 4.0 TECHNICAL ARCHITECTURE AND DEPLOYMENT REFERENCE HIFIS Development Team May 16, 2014 Contents INTRODUCTION... 2 HIFIS 4 SYSTEM DESIGN... 3
More informationPublic-Key Infrastructure (PKI) Lab
SEED Labs PKI Lab 1 Public-Key Infrastructure (PKI) Lab Copyright 2018 Wenliang Du, Syracuse University. The development of this document was partially funded by the National Science Foundation under Award
More informationLecture 18: Server Configuration & Miscellanea. Monday, April 23, 2018
Lecture 18: Server Configuration & Miscellanea Monday, April 23, 2018 Apache Earlier in the course, we talked about the configuration of everything except Apache There are some components of configuring
More informationHow to Configure Authentication and Access Control (AAA)
How to Configure Authentication and Access Control (AAA) Overview The Barracuda Web Application Firewall provides features to implement user authentication and access control. You can create a virtual
More informationOracle Access Manager Configuration Guide
Oracle Access Manager Configuration Guide 16 R2 September 2016 Contents Introduction... 5 Configuring Single Sign-On... 7 Prerequisites for Configuring Single Sign-On... 7 Installing Oracle HTTP Server...
More informationMISP2 installation and configuration guide. Version 2.12
MISP2 installation and configuration guide Version 2.12 Contents Contents... 2 1. Introduction... 3 2. Environment requirements... 3 3. MISP2 Installation... 3 3.1. Updating the MISP2 package list... 3
More informationTwo factor authentication for Apache using mod_auth_xradius
Two factor authentication for Apache using mod_auth_xradius sandbox-logintc.com/docs/connectors/apache_alt.html Introduction LoginTC makes it easy for administrators to add multi-factor to Apache. This
More informationConnectUPS-X / -BD /-E How to use and install SSL, SSH
ConnectUPS-X /-BD /-E product family Root CA Certificate installation Rev. B Page 1/16 Index 1. How to use and install SSL (Secure Socket Layer)...3 1.1. General Certificate warning message if not installed...3
More informationDCLI User's Guide. Data Center Command-Line Interface 2.7.0
Data Center Command-Line Interface 2.7.0 You can find the most up-to-date technical documentation on the VMware Web site at: https://docs.vmware.com/ The VMware Web site also provides the latest product
More information3 Installation from sources
2019/02/02 03:16 1/11 3 Installation from sources 3 Installation from sources You can get the very latest version of Zabbix by compiling it from the sources. A step-by-step tutorial for installing Zabbix
More informationGateDefender Performa updates from a local Web server
GateDefender Performa updates from a local Web server Copyright notice Panda Security 2008. All rights reserved. Neither the documents nor the programs that you may access may be copied, reproduced, translated
More informationUnit 4 The Web. Computer Concepts Unit Contents. 4 Web Overview. 4 Section A: Web Basics. 4 Evolution
Unit 4 The Web Computer Concepts 2016 ENHANCED EDITION 4 Unit Contents Section A: Web Basics Section B: Browsers Section C: HTML Section D: HTTP Section E: Search Engines 2 4 Section A: Web Basics 4 Web
More informationScan Report Executive Summary
Scan Report Executive Summary Part 1. Scan Information Scan Customer Company: Date scan was completed: Vin65 ASV Company: Comodo CA Limited 08/28/2017 Scan expiration date: 11/26/2017 Part 2. Component
More informationBest Practices for Security Certificates w/ Connect
Application Note AN17038 MT AppNote 17038 (AN 17038) September 2017 Best Practices for Security Certificates w/ Connect Description: This Application Note describes the process and best practices for using
More informationInstalling Open Project on Ubuntu AWS with Apache and Postgesql
Installing Open Project on Ubuntu AWS with Apache and Postgesql Contents Installing Open Project on Ubuntu AWS with Apache and Postgesql... 1 Add new ports to your security group... 2 Update your system...
More informationProvisioning Certificates
CHAPTER 8 The Secure Socket Layer (SSL) protocol secures the network communication and allows data to be encrypted before transmission and provides security. Many application servers and web servers support
More informationCisco Unified Serviceability
Cisco Unified Serviceability Introduction, page 1 Installation, page 5 Introduction This document uses the following abbreviations to identify administration differences for these Cisco products: Unified
More informationWLprinter Web-to-local print solution Version 0.9
WLprinter Web-to-local print solution Version 0.9 Tekki October 7, 2010 Contents 1 Introduction 2 1.1 What is WLprinter?.............................. 2 1.2 System requirements..............................
More informationOptiRain Open 2 Installation Guide for LInux. This guide provides general instructions for installing OptiRain Open 2 on a Linux based server.
QUICKSMART OptiRain Open 2 Installation Guide for LInux QuickSmart Development P.O. Box 3689 Santa Clara, CA 95055 408-777-0944 www.quicksmart.com This guide provides general instructions for installing
More informationViMP 2.0. Installation Guide. Verfasser: ViMP GmbH
ViMP 2.0 Installation Guide Verfasser: ViMP GmbH Table of contents About this document... 3 Prerequisites... 4 Preparing the server... 5 Apache2... 5 PHP... 5 MySQL... 5 Transcoding... 6 Configuration...
More informationeroaming platform Secure Connection Guide
eroaming platform Secure Connection Guide Contents 1. Revisions overview... 3 2. Abbrevations... 4 3. Preconditions... 5 3.1. OpenSSL... 5 3.2. Requirements for your PKCS10 CSR... 5 3.3. Java Keytool...
More informationUsing the VMware vcenter Orchestrator Client. vrealize Orchestrator 5.5.1
Using the VMware vcenter Orchestrator Client vrealize Orchestrator 5.5.1 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments
More informationLecture Overview. IN5290 Ethical Hacking. Lecture 4: Web hacking 1, Client side bypass, Tampering data, Brute-forcing
Lecture Overview IN5290 Ethical Hacking Lecture 4: Web hacking 1, Client side bypass, Tampering data, Brute-forcing Summary - how web sites work HTTP protocol Client side server side actions Accessing
More informationSetting up the Apache Web Server
1 Setting up the Apache Web Server The Apache Web Server (Hyper Text Transfer Protocol) is the most popular web server available. The project gained popularity with Linux in the 1990 s as they teamed up
More informationTungsten Dashboard for Clustering. Eric M. Stone, COO
Tungsten Dashboard for Clustering Eric M. Stone, COO In this training session 1. Tungsten Dashboard Welcome 2. Tungsten Dashboard Overview 3. Tungsten Dashboard Prerequisites 4. Tungsten Dashboard Security
More informationINTRODUCTION. To avoid the PHP7 conflicts use this OS image: STEP 1 - Parts List:
INTRODUCTION These are enhanced instruction set to install RaspberryPints on a Raspberry Pi 2 Model B with use of an AlaMode card and Flow Meters from AdaFruit.com. I started with instruction set here:
More informationWEB SECURITY: WEB BACKGROUND
WEB SECURITY: WEB BACKGROUND CMSC 414 FEB 20 2018 A very basic web architecture Client Server Browser Web server (Private) Data Database DB is a separate entity, logically (and often physically) A very
More informationBelow are the steps to install Orangescrum Self Hosted version of Cloud Edition in Ubuntu Server Last Updated: OCT 18, 2018
Below are the steps to install Orangescrum Self Hosted version of Cloud Edition in Ubuntu Server Last Updated: OCT 18, 2018 Step 1 Download the Orangescrum Self Hosted version of CloudEdition Extract the
More informationMitel MiContact Center Enterprise WEB APPLICATIONS CONFIGURATION GUIDE. Release 9.2
Mitel MiContact Center Enterprise WEB APPLICATIONS CONFIGURATION GUIDE Release 9.2 NOTICE The information contained in this document is believed to be accurate in all respects but is not warranted by Mitel
More informationCompTIA Network+ Lab Series Network Concepts. Lab 2: Types of Networks
CompTIA Network+ Lab Series Network Concepts Objective 1.5: Identify common TCP and UDP default ports Objective 1.6: Explain the function of common networking protocols Document Version: 2015-09-18 otherwise
More informationStep-by-step installation guide for monitoring untrusted servers using Operations Manager
Step-by-step installation guide for monitoring untrusted servers using Operations Manager Most of the time through Operations Manager, you may require to monitor servers and clients that are located outside
More informationInstalling LAMP on Ubuntu and (Lucid Lynx, Maverick Meerkat)
Installing LAMP on Ubuntu 10.04 and 10.10 (Lucid Lynx, Maverick Meerkat) April 29, 2010 by Linerd If you're developing websites, it's nice to be able to test your code in the privacy of your own computer
More informationInstalling OptiRain Open on Raspbian
QUICKSMART Installing OptiRain Open on Raspbian QuickSmart Development P.O. Box 3689 Santa Clara, CA 95055 408-777-0944 www.quicksmart.com This document shows how to install OptiRain Open 2 on a Raspberry
More information